• secproto@pawb.social
    2 years ago

    Guaranteeing that a certain candidate is a very difficult job, I recognize that. However, promoting a specific candidate to have increased chances may be a worthwhile endeavour for certain actors. Additionally, this thought process has one major flaw. This line of thought focuses primarily on only one way that these voting machines could get breached and does not follow any major security model used by the industry. This does not follow the principles of defense in depth (https://csrc.nist.gov/glossary/term/defense_in_depth), nor does it use other industry standards like the assumption of breach (basically, act as if a hacker has already broken in, and you need to weed them out while still keeping other hackers out. See https://www.linkedin.com/pulse/assumption-breach-theory-steve-king.).

    What we have been describing is what is called a threat vector (one method of hacking someone). Specifically, we are talking about breaching the central computers using a rubber ducky. There are a million and one other threat vectors out there. What if a supply chain attack is used to poison the machines at the factory?

    We have seen this occur in the wild; just look at the SolarWinds attack carried out by Russia (https://www.cisecurity.org/solarwinds). tl;dr: Russia implanted malware in software that was used by government I.T. personnel, giving them access to a large number of government networks. The extent of this breach was not made fully public, but it can be assumed that Russia was able to break into sensitive parts of our military and intelligence agencies.

    What if Russian state actors breached the cards that transport votes? What if a staff member at these voting companies had a political bias and modified a large number of machines? What if I wanted to win a regional election (such as voting for mayor or school board) and breached one or two voting machines? What if an attacker made USB-transmittable malware (such as what was seen in the Stuxnet cyber attacks carried out against Iran’s nuclear program) that would carry a payload back to the central voting system? What if there is another attack vector we haven’t thought of? Do these computers stay up to date, so as to make it more difficult for hackers to deploy that USB malware as described earlier or other software exploits that are known? Do they take measures to ensure that people who have temporary access (such as a voter or poll worker) to these systems are unable to access the admin interfaces of voting machines? Do these voting machines have auto lock-out if a built-in IPS (Intrusion Protection System) detects that someone may be trying to tamper with votes?

    The basic rule of cyber security is this: you can’t know everything. It’s the reason Microsoft keeps pushing out those silly little updates; it’s because they made a mistake that would allow hackers to gain access to any Windows system in the world, and they’re trying to patch their mistake before any hacker can figure it out and use it to hack you. There is always a setting that someone misconfigured. There is always the poll worker who may be less attentive. It is information security 101 to use multiple layers of security (such that if a hacker breaks through one layer, they have to break through a second or third layer of protection).

    Regardless, if this doesn’t convince you, then we’ll probably have to agree to disagree on the likelihood of a cyber attack. I think what we can agree on is that these systems need to have better security measures in place. Because the lack of many basic security measures (encryption, hashing, regular updating, security monitoring, security awareness training, etc.) is unacceptable, and they should at least be able to keep up with the security measures used in the modern cell phone market. I shouldn’t have to take a mega corporation’s word that they have secured my vote. I should be able to audit the code myself (if it seems crazy, look at Linux and how capable Linux has been security-wise despite having open source code). Security by obscurity is not a valid security model.
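The comment above lists "hashing" among the basic measures it says are missing and asks what happens if the cards that transport votes are breached. The following is an added illustration, not code from the commenter or from any voting-system vendor, of why an unkeyed hash on its own does not protect a tally record in transit, and how a keyed MAC (HMAC-SHA256 here) lets the central system detect a record that was altered on the card. The tally record, the precinct name and the per-machine key are all constructed sample values for the demonstration.

```python
import hashlib
import hmac
import json

# Constructed sample: one precinct machine's tally record, as it might be
# written to a removable transport card before being carried to the central tabulator.
SAMPLE_TALLY = {
    "precinct": "demo-precinct-07",          # constructed value
    "contest": "school-board",               # constructed value
    "counts": {"candidate_a": 412, "candidate_b": 397},
}

# Hypothetical per-machine secret, provisioned to the machine and the central
# tabulator out of band. In a real deployment this would live in a hardware key store.
MACHINE_KEY = b"hypothetical-per-machine-key"


def canonical(record: dict) -> bytes:
    """Serialize deterministically so the same record always yields the same bytes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def seal_unkeyed(record: dict) -> str:
    """Plain SHA-256 of the record: anyone who can rewrite the card can recompute this."""
    return hashlib.sha256(canonical(record)).hexdigest()


def verify_unkeyed(record: dict, digest: str) -> bool:
    return hmac.compare_digest(seal_unkeyed(record), digest)


def seal_keyed(record: dict, key: bytes) -> str:
    """HMAC-SHA256: recomputing a valid tag requires the secret key."""
    return hmac.new(key, canonical(record), hashlib.sha256).hexdigest()


def verify_keyed(record: dict, tag: str, key: bytes) -> bool:
    return hmac.compare_digest(seal_keyed(record, key), tag)


def tamper(record: dict) -> dict:
    """Simulate an altered card: swap the two candidates' counts."""
    modified = json.loads(json.dumps(record))  # deep copy
    counts = modified["counts"]
    counts["candidate_a"], counts["candidate_b"] = counts["candidate_b"], counts["candidate_a"]
    return modified


def transport_scenarios() -> dict:
    """Run the honest and tampered cases through both integrity schemes."""
    honest_digest = seal_unkeyed(SAMPLE_TALLY)
    honest_tag = seal_keyed(SAMPLE_TALLY, MACHINE_KEY)
    altered = tamper(SAMPLE_TALLY)

    return {
        # Untouched record passes both checks.
        "honest_unkeyed_ok": verify_unkeyed(SAMPLE_TALLY, honest_digest),
        "honest_keyed_ok": verify_keyed(SAMPLE_TALLY, honest_tag, MACHINE_KEY),
        # Altered record with the ORIGINAL digest/tag left in place fails both checks.
        "altered_unkeyed_old_digest": verify_unkeyed(altered, honest_digest),
        "altered_keyed_old_tag": verify_keyed(altered, honest_tag, MACHINE_KEY),
        # An attacker who rewrites the card can also rewrite an unkeyed hash,
        # so the altered record passes the unkeyed check.
        "altered_unkeyed_recomputed": verify_unkeyed(altered, seal_unkeyed(altered)),
        # Without MACHINE_KEY the attacker cannot produce a tag the tabulator accepts.
        "altered_keyed_forged": verify_keyed(
            altered, seal_keyed(altered, b"attacker-guess"), MACHINE_KEY
        ),
    }


if __name__ == "__main__":
    for name, outcome in transport_scenarios().items():
        print(f"{name}: {'accepted' if outcome else 'rejected'}")
```

The point of the side-by-side is the `altered_unkeyed_recomputed` case: a checksum stored next to the data only catches accidental corruption, because whoever can change the counts can change the checksum too. A keyed tag (or a digital signature with the private key held only on the machine) is what turns "hashing" into an actual control against the transport-card scenario, and it is one layer among several, not a substitute for the others the comment lists.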